Category: Linux

Linux faq, HowTos, Tips & Tricks, Optimization, tools.

symbolic link not allowed or link target not accessible

Post author By Syed Alam
Post date August 28, 2011

Today I was migrating CPanel account to another server using a WHM/Cpanel Utility /scripts/pkgaccount. Package was successfully migrated to a new server and domain was live again on new server. But several functionality of the site was not working and the following error was appearing in apache error log constantly.

symbolic link not allowed or link target not accessible

There are two possibility of this error:

Your apache configuration doesn’t allow to Follow Sym Links.
Your SymLink owner doesn’t match (This usually happens on WHM/CPanel because CPanel uses unique user for unique domain)

Fix “symbolic link not allowed or link target not accessible” on WHM/CPanel Server :

Connect to your WHM/CPanel with root privileges from browser e.g http://example.com:2086

Go To

Main >> Service Configuration >> Apache Configuration >> Global Configuration

Check FollowSymLink

FollowSymLinks

Now, in our example your domain name is hackersgarage.com and your CPanel user is hacker. Simple change ownership of your symlink files to hacker

Jumple to document root of your domain
cd /home/hacker/public_html/

Change ownership
chown hacker:hacker *

If you are still having difficulties or unable to change ownership of files or its just not working.
You can again Go To;

Main >> Service Configuration >> Apache Configuration >> Global Configuration

Uncheck SymLinksIfOwnerMatch

SymLinksIfOwnerMatch

Save it! It should rebuild Apache configuration and reload httpd daemon.

Fix “symbolic link not allowed or link target not accessible” on With Control Panel Server (CentOS/Ubuntu/RedHat):

vim /etc/httpd/conf/httpd.conf

Add

Options +FollowSymLinks -SymLinksIfOwnerMatch

Reload httpd
/etc/init.d/httpd reload

on debian base distro;
/etc/init.d/apache gracefull

If you don’t have access to httpd.conf, you can add this in your .htaccess of your document root.
vim .htaccess

Options +FollowSymLinks -SymLinksIfOwnerMatch

Save it! Here you don’t need to reload httpd daemon.

Note : Using .htaccess method you need to make sure, your httpd.conf is configured/instructed to read .htaccess in your document root.

Tags CPanel/WHM

HowTos Linux

How to use PTCL EVO USB device on Linux?

Post author By Syed Alam
Post date August 27, 2011

We have already written a brief How To use worldcall USB on Linux.

To use PTCL Evo device on Linux, follow the previous HowTo and update the username/password in /etc/wvdial.conf as follows;

vi /etc/wvdial.conf

Update following;

Username = wcall@worldcall.com
Password = wcall

Username = vwireless@ptcl.com
Password = ptcl

and run;

wvdial

DONE!

Tags USB Internet on Linux

HowTos Linux

Disable SSH timeout

Post author By Syed Alam
Post date August 25, 2011

If you ever see your SSH session gets killed, don’t panic 😀 There is nothing wrong, you need to modify the following directives in your /etc/ssh/sshd_config

vim /etc/ssh/sshd_config

Update these directives :

TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 99999

Restart ssh daemon

/etc/init.d/sshd restart

DONE!

Tags SSH

HowTos Linux Penetration Testing Privilege Escalation

How to install FireSheep on Linux

Post author By Syed Alam
Post date August 24, 2011
1 Comment on How to install FireSheep on Linux

What is FireSheep ?

Come on damn.. Its not new! 😀 Its an old firefox addon. I am explaining it here for how can you use or install it on Linux.

Lets start ;

Taking Checkout from the repository :

git clone https://github.com/codebutler/firesheep.git

Output :

Initialized empty Git repository in /root/firesheep/.git/
remote: Counting objects: 1020, done.
remote: Compressing objects: 100% (605/605), done.
remote: Total 1020 (delta 589), reused 770 (delta 402)
Receiving objects: 100% (1020/1020), 5.48 MiB | 123 KiB/s, done.
Resolving deltas: 100% (589/589), done.

cd firesheep/ git submodule update --init

Output :

Output :Submodule ‘backend/deps/http-parser’ (git://github.com/ry/http-parser.git) registered for path ‘backend/deps/http-parser’
Initialized empty Git repository in /root/firesheep/backend/deps/http-parser/.git/
remote: Counting objects: 815, done.
remote: Compressing objects: 100% (328/328), done.
remote: Total 815 (delta 549), reused 735 (delta 483)
Receiving objects: 100% (815/815), 185.18 KiB | 95 KiB/s, done.
Resolving deltas: 100% (549/549), done.
Submodule path ‘backend/deps/http-parser’: checked out ‘459507f534c807d8ba741730fbc36d4b93b133c1’

Dependencies :

apt-get install libpcap-dev xulrunner-1.9.2-dev libboost-all-dev libtool libhal-dev autoconf

Compilation :

./autogen.sh make

DONE!

How to Load it into Firefox?

firefox build/firesheep.xpi

Tags FireSheep, Sniffing

HowTos Linux

Highly Anonymous Proxy squid 2.6 stable21 release

Post author By Syed Alam
Post date August 17, 2011
12 Comments on Highly Anonymous Proxy squid 2.6 stable21 release

Anonymous proxy is used to hide your source information that includes UserAgent, YourIP, and many other header information can be hide easily.

In this Howto, we will configure our proxy to work highly anonymously with squid authentication, We will use CEntOS 5.5 with squid 2.6 stable21 release.

Squid Installation

yum install squid

User Authentication

User authentication is necessary to restrict it for personal use only.

vi /etc/squid/squid.conf

add;

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl px-users ident testuser
http_access allow all px-users

save the file.

htpasswd -md /etc/squid/passwd testuser

New password:
Re-type new password:

service squid start

Now, set your browser to use this newly configured proxy and go to Verify your proxy header and you should see following header;

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_VIA:1.1 hackersgarage.com:2312 (squid/2.6.STABLE21)
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_CHARSET:ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_ACCEPT_ENCODING:gzip, deflate
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
HTTP_X_FORWARDED_FOR:222.223.32.13

🙁 Ops.. It is disclosing all information are we running. Lets make it highly anonymous.

Making it Highly Anonymous Proxy

Before making it highly Anonymous Proxy Note WARNING: Doing this VIOLATES the HTTP standard.

vim /etc/squid/squid.conf

add following;

## HackersGarage.com - ACL
forwarded_for transparent
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Enncoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Cookie allow all
header_access Set_Cookie allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
header_replace User-Agent anonymous

squid -k reconfigure

Now go to Verify your proxy header and you should see a new header which is highly anonymous.

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:anonymous

Got a problem? Ask below 🙂

Tags Anonymous, squid

HowTos Linux

Running Apache with Multiple PHP Versions

Post author By Syed Alam
Post date August 15, 2011
2 Comments on Running Apache with Multiple PHP Versions

Running multiple php version e.g php4 & php5 required some times for old style applications that is dependant on php4 but applications like wordpress you are required to have php5. Let see how we tackle this problem.

In my scenario, i have CentOS 5 running on my server with apache2. I will be installing php4 in CGI mode and php5 as standalone module for apache. You can use the following method for debian distro too.

Installing apache2 & php5

yum install httpd yum install php

php4 Installation

Now download the source code of php4, you can chose nearest php4 mirror from here.

wget http://www.php.net/get/php-4.4.9.tar.gz/from/ar.php.net/mirror tar -zxvf php-4.4.9.tar.gz cd php-4.4.9

Note : do not add support for apxs2, it will break up the php5 as module for apache2

./configure –prefix=/usr/local/php4 make make install cp -v php.ini-recommended /usr/local/php/etc/php.ini

Configuring php4 as CGI script for Apache.

ln –s /usr/local/php4/bin/php /var/www/html/cgi-bin/php chmod 755 /var/www/html/cgi-bin/php

Configuring Apache for php4

cp –av /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php4.conf

Update these :

vi /etc/httpd/conf.d/php4.conf

Action php4-script /cgi-bin/php
AddHandler php4-script .php4
AddType text/html .php
DirectoryIndex index.php4

Tags php